3com 5500-ei pwr Reference Guide

 

1-1 

authentication-mode { password | scheme [ command-authorization ] | none } 

User interface view 

none: Specifies not to authenticate users. 

password: Authenticates users using the local password. 

scheme: Authenticates users locally or remotely using usernames and passwords. 

command-authorization: Performs command authorization on TACACS authentication server. 

Use the authentication-mode command to specify the authentication mode. 

z 

If you specify the password keyword to authenticate users using the local password, remember to 

set the local password using the set authentication password command. Otherwise, AUX users 

can log in to the switch successfully without password, but VTY users will fail the login. VTY users 

must enter the correct authentication password to log in to the switch. 

z 

If you specify the scheme keyword to authenticate users locally or remotely using usernames and 

passwords, the actual authentication mode, that is, local or remote, depends on other related AAA 

scheme configuration of the domain.  

z 

If this command is executed with the command-authorization keyword specified, authorization is 

performed on the TACACS server whenever you attempt to execute a command, and the 

command can be executed only when you pass the authorization. Normally, a TACACS server 

contains a list of the commands available to different users. 

By default, the authentication mode is none for AUX users and password for VTY users. 

 

For a VTY user interface, to specify the none keyword or password keyword for login users, make sure 

that SSH is not enabled in the user interface. Otherwise, the configuration fails. Refer to the protocol 

inbound command for related configuration.